On Fri, Jan 27, 2017 at 12:47:22PM +0100, Juergen Gross wrote: > XS_RESTRICT and the xenstore library function xs_restrict() have never > been usable in all configurations and there are no known users. > > This functionality was thought to limit access rights of device models > to xenstore in order to avoid affecting other domains in case of a > security breech. Unfortunately XS_RESTRICT won't help as current > qemu is requiring access to dom0 only accessible xenstore paths to > work correctly. So this command is useless and should be removed. > > In order to avoid problems in the future remove all support for > XS_RESTRICT from xenstore. > > Signed-off-by: Juergen Gross <jgr...@suse.com>
Reviewed-by: Wei Liu <wei.l...@citrix.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel